<?php
// Ajax Crud Folder
include('../inc/ajaxcrud/preheader.php');
include('../inc/ajaxcrud/ajaxCRUD.class.php');
/*$adminlocation = explode('/', $_SERVER['REQUEST_URI']);
$al0 = array_reverse($adminlocation);
$al = '/'.$al0[1].'/'.$al0[0];*/
?>
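<?php
// Page head for the admin index: loads jQuery and the ajaxCRUD assets, then hands the current
// request URI to the ajaxCRUD JavaScript through the ajax_file / this_page globals.
// jQuery is requested over HTTPS so the library cannot be modified in transit.
// NOTE(review): jQuery 1.3.2 is a very old release; plan an upgrade once javascript_functions.js is checked against a current one.
?>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
<script src="../inc/ajaxcrud/javascript_functions.js" type="text/javascript"></script>
<link href="../inc/ajaxcrud/css/default.css" rel="stylesheet" type="text/css" media="screen" />

            <script>
<?php
// REQUEST_URI is supplied by the client. json_encode() with the JSON_HEX_* flags prints a complete,
// quoted JavaScript string literal in which quotes, <, > and & are \u-escaped, so the value can
// neither end the string nor close the surrounding script element.
?>
                ajax_file = <?php echo json_encode((string) $_SERVER['REQUEST_URI'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;

                this_page = <?php echo json_encode((string) $_SERVER['REQUEST_URI'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;

                loading_image_html = "<center><br /><br  /><img src=\'../inc/ajaxcrud/css/loading.gif\'><br /><br /></center>"; 
            </script>
<link href="css/default.css" rel="stylesheet" type="text/css" media="screen" />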
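<?php
// The long opening tag is used on purpose: the short form is only parsed when short_open_tag is
// enabled. With it disabled, everything up to the next closing tag -- the login and session code
// included -- would be sent to the browser as plain text instead of being executed.
include('../inc/submit.class.php');

// Name of the primary-key column; 'id' is the default.
// NOTE(review): not read anywhere in this file's visible code -- presumably used by the included CRUD code; confirm.
$pk = 'id';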

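/**
 * Print one admin navigation link followed by a line break.
 *
 * The link points at "<name>.php<suffix>" and is labelled "<Name> Admin".
 *
 * @param string      $l   Page name without the ".php" extension.
 * @param string|null $ads Optional text appended after ".php", e.g. a query string.
 * @return void
 */
function AdminLink($l, $ads=null)
{
    // Both values are written into HTML, and this file also passes in names returned by
    // getDir(), so they are escaped for the attribute and for the link text. Existing
    // entities are left alone (double_encode = false) so pre-escaped suffixes still work.
    $href  = htmlspecialchars($l.'.php'.$ads, ENT_QUOTES, 'UTF-8', false);
    $label = htmlspecialchars(ucFirst($l), ENT_QUOTES, 'UTF-8', false);

    echo '<a href="'.$href.'">'.$label.' Admin</a><br />';
}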

// Admin Login Functions
/**
 * Resolve the current admin from the "aid" and "ahash" cookies.
 *
 * The pair is looked up in the admins table; the visitor counts as authenticated only when
 * exactly one row has that id and that hash.
 *
 * @return object|int Row object carrying id and username on a match, otherwise 0.
 */
function auth()
{
    // Both cookies must be present and non-empty; empty() also covers the unset case.
    if( empty($_COOKIE['aid']) || empty($_COOKIE['ahash']) )
    {
        return 0;
    }

    // NOTE(review): the values reach the statement only through sql(..., 3), a helper defined
    // outside this file (presumably it reads the named cookie). Confirm that it escapes for
    // MySQL -- this single lookup is the whole session check for the admin area.
    $result = query("SELECT id,username FROM ".tAdmins." WHERE id = '".sql('aid', 3)."' AND hash = '".sql('ahash', 3)."'");

    // Anything other than exactly one matching row is treated as "not logged in".
    if(mysql_num_rows($result) != 1)
    {
        return 0;
    }

    return mysql_fetch_object($result);
}

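/**
 * Process a submitted login form.
 *
 * Does nothing unless $_POST['submit'] is truthy. When the username and MD5 password digest
 * match exactly one admin row, the `hash` constant is stored in that row, the "aid" and
 * "ahash" cookies are set and a success message is printed; otherwise a failure message is
 * printed. Both outcomes end with redirect('index.php', 3).
 *
 * @return void
 */
function login()
{
    // empty() rather than a bare read: the form may not have been posted at all.
    if(empty($_POST['submit']))
    {
        return;
    }

    // Missing or non-string fields count as empty input instead of raising notices or
    // handing an array to the string functions below.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): passwords are compared as unsalted MD5 digests, which are cheap to
    // brute-force if the table leaks. Moving to password_hash()/password_verify() needs a
    // schema and data migration outside this function.
    // NOTE(review): sql(..., 0) is defined outside this file; confirm it escapes for MySQL,
    // since the username is concatenated into the statement.
    $q = query("SELECT id FROM ".tAdmins." WHERE username = '".sql(strtolower(ucfirst($username)), 0)."' AND password = '".sql(md5($password), 0)."'");

    // Stays null unless exactly one row matched (it used to be left undefined on failure).
    $u = null;
    if(mysql_num_rows($q) == 1)
    {
        // Get user Data
        $u = mysql_fetch_object($q);
    }

    if($u != null)
    {
        // NOTE(review): `hash` is a constant defined outside this file and becomes the session
        // token checked by the cookie lookup. Confirm it is a fresh, unpredictable value per
        // login and that cookie() sets the HttpOnly and Secure flags.
        query("UPDATE ".tAdmins." SET hash = '".hash."' WHERE id = '".sql($u->id, 0)."'");

        // Set Cookies
        cookie('aid', $u->id);
        cookie('ahash', hash);

        // Echo Login
        echo 'You have been successfully logged in.';
        redirect('index.php', 3);
    }
    else
    {
        // Echo Login
        echo 'Login Failed Try Again.';
        redirect('index.php', 3);
    }
}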

/**
 * Render the admin login form for a visitor who is not authenticated.
 *
 * @param mixed $login Falsy when the visitor is not logged in; any other value is a no-op.
 * @return void
 */
function checkLogin($login)
{
    // Authenticated visitors need no form.
    if($login != false)
    {
        return;
    }

    // login() is called here, before the form is rendered, so a posted form is processed
    // first. It returns nothing, and that is what ends up under 'actions'.
    $loginResult = login();

    $fields = array(
        'username' => array('required', 'text', '', 'Username'),
        'password' => array('required', 'password', '', 'Password'),
    );

    $form = array(
        'method' => 'post',
        'actions' => $loginResult,
        'fields' => $fields,
    );

    $submit = new Submit;
    $submit->view($form);
}

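/**
 * Log the admin out: clear both session cookies, print a notice and redirect to index.php.
 *
 * @return void
 */
function Logout()
{
    // Clear both cookies. "ahash" used to be re-sent with the `hash` constant, which left a
    // non-empty session token in the browser after logout.
    cookie('aid', '');
    cookie('ahash', '');

    // NOTE(review): the hash stored in the admins table is not reset here, so as far as this
    // file shows a saved copy of the old cookie pair keeps passing auth() until a later login
    // overwrites the column. Consider blanking it on logout as well.

    // Echo Login
    echo 'You have been successfully logged out.';
    redirect('index.php', 3);
}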

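// Resolve the current admin once; auth() returns the admin's row object or 0.
$auth = auth();

// Only a row object counts as logged in. The former "$auth == 0" made PHP convert the object
// to an int (raising a notice on every authenticated request); is_object() avoids that and
// fails closed for any other return value.
$login = is_object($auth);

if($login == false)
{
    // Not authenticated: show (and, if it was posted, process) the login form, then stop so
    // nothing below this point runs without a valid session.
    checkLogin($login);
    exit();
}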
?>
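<?php
// Header bar of the admin area: a link back to the administration root and, for a logged-in
// admin, a logout link.
// $location is set outside this file. It lands inside an attribute value, so it is
// HTML-escaped; entities already present are left as they are (double_encode = false).
// Long opening tags are used so the markup does not depend on short_open_tag.
?>
<strong><a href="<?php echo htmlspecialchars((string) $location, ENT_QUOTES, 'UTF-8', false); ?>">Administration</a>
<?php if($login == true){ echo '| <a href="index.php?page=logout">Logout</a>'; } ?></strong>
<br />
<br />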
<?php
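// Dispatch for the admin index: either log out or print the navigation menu.
// "page" is absent on a plain visit, so it is checked with isset() before being compared.
// NOTE(review): logout is a state change reachable through a plain GET parameter, so any
// page can trigger it with a link or an image; consider a POST request with a token.
if(isset($_GET['page']) && $_GET['page'] === 'logout')
{
    Logout();
}
else
{
    if($login == true)
    {
        // You are Logged in
        echo '<strong>Manage CMS:</strong><br />';
        AdminLink('page');
        AdminLink('section');
        AdminLink('settings');
        AdminLink('users');

        echo '<br /><strong>Manage Modules:</strong><br />';

        // Entries skipped when listing modules; the four core pages are already linked above.
        // Built once instead of on every loop iteration.
        $os = array('adminheader','adminfooter','index','users','page','section','settings','includes');

        // Module names come from the contents of ../admin as reported by getDir().
        // NOTE(review): these names are printed by AdminLink(); confirm it HTML-escapes them.
        $md = getDir('../admin');

        foreach($md as $mdK => $mdV)
        {
            if(!in_array($mdV, $os))
            {
                AdminLink($mdV);
            }
        }
    }
}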